infra-lead/molecule-core
1
0
Fork 0
forked from molecule-ai/molecule-core
Code Pull Requests Activity
667c72e964
molecule-core/platform/internal/channels
History
molecule-ai[bot] fde90efde5
fix(security): cap discord error response body read at 4096 bytes 
Unbounded io.ReadAll on the Discord webhook error response body was a LOW
OOM risk: a malicious gateway or misconfigured proxy could return a multi-MB
body and exhaust agent memory. Cap with io.LimitReader(resp.Body, 4096) —
error messages are always short; any extra content is irrelevant noise.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-17 10:46:09 +00:00
..
adapter.go initial commit — Molecule AI platform 2026-04-13 11:55:37 -07:00
channels_test.go feat(channels): add Slack adapter with webhook URL validation (#384) 2026-04-16 11:14:31 +00:00
discord_test.go fix(security): Ed25519 signature verification for Discord webhooks + strip token from error chain 2026-04-17 10:36:51 +00:00
discord.go fix(security): cap discord error response body read at 4096 bytes 2026-04-17 10:46:09 +00:00
lark_test.go feat(channels): Lark / Feishu adapter (outbound webhook + Events API inbound) 2026-04-16 07:10:58 -07:00
lark.go feat(channels): Lark / Feishu adapter (outbound webhook + Events API inbound) 2026-04-16 07:10:58 -07:00
manager.go fix(security): scope PausePollersForToken to requesting workspace (closes #329) 2026-04-15 21:22:50 -07:00
registry.go feat(channels): add Discord adapter (#625) 2026-04-17 07:02:50 +00:00
secret_test.go fix(security): encrypt channel_config bot_token at rest (closes #319) 2026-04-15 21:09:34 -07:00
secret.go fix(security): encrypt channel_config bot_token at rest (closes #319) 2026-04-15 21:09:34 -07:00
slack.go feat(channels): add Slack adapter with webhook URL validation (#384) 2026-04-16 11:14:31 +00:00
telegram.go initial commit — Molecule AI platform 2026-04-13 11:55:37 -07:00